This is purely anecdotal, but if you're planning on starting a security company, you might not want to have the word security in part or in whole anywhere in the name as the ones on my radar don't seem to come to have the best exits. For example, Securify (a former client), was bought for a pittance (rumor has it) by Secure Computing, which was, in turn swallowed up (salvaged?) by McAfee.
Silly musing? Perhaps, but not lost on Tufin CEO Ruvi Kitov when thinking over what to name the company he started five years ago. While some PR people might get annoyed that Tufin is commonly mis-pronounced as "tu-feen" (the i in Tufin is soft), it doesn't bother me at all. In fact, I like it because when I am corrected on a name I am way more likely to remember it, and I think that's how it is with most people. So in that respect, you might consider it savvy branding.
A former client of mine, Agiliance, got it's name from its founder, CTO Pravin Kothari's merging of the words 'agility" and "compliance." People had a tendency to mis-pronounce that name also, which didn't stop them from closing deals or me from keeping them in the news. I have a soft spot for Pravin, who played a major role developing ArcSight's SIM product, and for the company, although they are no longer a client. As for what a Tufin is and why Ruvi chose it for the name of his company, check out the video below:
I suppose I should clarify that as far as I know, the potential security-in-the-company-name jinx only applies to vendors. Indie analyst Mike Rothman announced today that he is merging his research consultancy, Security Incite with the "boutique" security research firm Securosis (a name I didn't like at first but has grown on me over time). While the Security Incite brand will get rolled into Securosis the rule does not apply. This merger is a happy marriage sure to result in much snarky commentary of the sort I like to consume. Will Alan Shimel be the next addition to the Securosis team? Now that would be interesting...
Both Mike and Shimmy can be seen in the video below, the first I ever made for public consumption, and yes, I know, it's obvious. I haven't gotten all that much better, either, but I keep trying.
Anyhow, day four into the new decade and I have a feeling it's going to be a high profile year for the infosec industry. We have Howard Schmidt back in the White House, Bruce Schnieier on MSNBC (even better is this Atlantic Monthly interview) talking about the ridiculousness of the new post-Christmas-attempted terror-attack airline rules, and upcoming product announcements from LGPR clients Tufin and Xceedium (I clearly have no shame).
I am about a quarter through Bruce's book, Beyond Fear, and it's an excellent read. There's a lot to be said for the whole concept of "security theater" vs. real security and hopefully I'll have the mental muscle to be able to comment on it but right now I'm still in learning mode. Despite the fact that the failures tend to get more attention then the successes, there are good people dedicated to providing "real security." Hopefully this year I can help spread the word on what's working...
Liz - Happy New Year to you. Thanks for mentioning me, but I don't think being an analyst at Securosis is in the cards for me. Mike and Rich should have a lot of fun but I am announcing my new thing in the next week or so.
alan
Posted by: ashimmy | January 05, 2010 at 08:13 AM
Hey Alan, looking forward to hearing what you're up to and wishing you and your family all the best in 2010! See you at RSA, right?
Posted by: Elizabeth Safran | January 05, 2010 at 09:39 AM